The security updates for Adobe Experience Manager (AEM) Forms, Adobe Experience Manager, Adobe RoboHelp resolve an important input validation issue that could lead to code execution and cross-site scripting attacks. The security updates for Adobe ColdFusion Builder, Adobe Digital Editions resolves an important vulnerability that could lead to information disclosure and a memory address leak respectively.

The most notable update was APSB16-39 resolving 17 total vulnerabilities for Flash Player which fixed a zero-dayvulnerability with exploits in the wild that is being used in targeted attacks against users running the 32-bit version of IE on Windows.

Adobe Experience Manager (APSB16-42):
– An important input validation issue in WCMDebug filter that could be used in cross-site scripting attacks (CVE-2016-7882).
– An important input validation issue in creates launch Wizard that could be used in cross-site scripting attacks (CVE-2016-7883).
– An important input validation issue in DAM create assets that could be used in cross-site scripting attacks (CVE-2016-7884).
– The Cross-Site Request Forgery in the Jackrabbit component (CVE-2016-7885).